When working with Docker, it’s common to configure containers using environment variables. These variables help you avoid hardcoding sensitive data (like API keys, credentials, or configuration settings) directly in your code or Dockerfiles.
In this blog, you’ll learn how to pass environment variables to Docker containers in different ways—whether you’re running containers manually, using Docker Compose, or working with .env files.
✅ Why Use Environment Variables?
Environment variables provide a clean, secure, and flexible way to pass configuration settings to your containerized applications. Use them to:
- Set database credentials
- Define API keys
- Configure application modes (
development,production) - Inject runtime values without modifying the container image
🛠️ Method 1: Using the -e Flag in docker run
You can pass environment variables directly when starting a container using the -e (or --env) option.
Example:
docker run -e APP_ENV=production -e API_KEY=abc123 my-app-image
You can add as many -e flags as needed.
With full syntax:
docker run --env DB_USER=admin --env DB_PASS=secret my-db-container
📄 Method 2: Using an .env File
You can store environment variables in a .env file and load them into the container.
Example .env file:
APP_ENV=production
API_KEY=abc123
DB_USER=admin
DB_PASS=secret
Run with --env-file:
docker run --env-file .env my-app-image
This method is great for keeping sensitive or lengthy configuration values out of your terminal history and scripts.
⚙️ Method 3: Setting Environment Variables in Docker Compose
When using Docker Compose, you can define environment variables directly in the docker-compose.yml file.
Option A: Inline in docker-compose.yml
version: '3.8'
services:
web:
image: my-app-image
environment:
- APP_ENV=production
- API_KEY=abc123
Option B: Load from .env Automatically
Create a .env file in the same directory as your docker-compose.yml:
APP_ENV=production
API_KEY=abc123
Then reference the variables in the compose file:
services:
web:
image: my-app-image
environment:
- APP_ENV
- API_KEY
Docker Compose will automatically load the .env file and inject the values.
🔐 Security Considerations
- Never commit
.envfiles with secrets to version control (use.gitignore). - Use Docker secrets for handling highly sensitive data like passwords or tokens in production environments.
- Limit access to shell history and CI/CD logs where env values might appear.
📝 Conclusion
Passing environment variables to Docker containers is a standard and essential practice for containerized application configuration. Whether you’re working in development or deploying to production, these methods provide flexibility and security.
🔑 Summary:
| Method | Use Case |
|---|---|
-e flag | Quick one-off runs |
--env-file | Reusable and secure local environments |
Docker Compose environment: | Declarative, multi-container setups |
.env with Compose | Clean and scalable configuration |